
Job Title


ITRO Lead


Company : XPT Software Australia


Location : Melbourne, Victoria


Created : 2025-08-02


Job Type : Full Time


Job Description

Skillsets

- Information Security Management System (ISO 27001)
- NIST Frameworks
- Risk Management
- Security Controls assurance
- Privacy Assessment
- Business Continuity Management
- IT Disaster Recovery / IT Service Continuity

Controls Assurance:

- Establish and / or align with the client's controls framework in accordance with industry standards such as ISO 27001, NIST, Essential 8, etc.
- Establish and / or align with the client's security policies, standards, guidelines, etc. to support the implementation of the applicable security controls
- Work with the technical teams to ensure the controls identified are implemented for the systems / service lines in scope
- Ensure Enterprise Risk Management (ERM) controls are implemented across the service lines in scope
- Facilitate any security audits and ensure minimum to zero findings for the controls related to the scope of work
- Understand contractual compliance requirements and facilitate stakeholders in understanding and driving for compliance

Risks and Issues Management:

- Work with stakeholders and conduct risk assessments to identify risks and issues, and derive treatment plans to mitigate them
- Participate in the governance forums run by the client's security controls assurance team for discussing the issues and risks pertaining to the scope of service and applications
- Govern the risk and issue treatments until the residual risk is brought to an acceptable level

Resilience:

- Establish, implement and manage the Business Continuity Plan (BCP) for the services in scope for the customer account
- Liaise with the team to mobilise resources during any business continuity events, and conduct tests such as walk-through, table-top, call-tree and simulation
- Liaise with the customer's resilience team and the service Leads / SMEs and govern the IT Disaster Recovery (DR) / IT Service Continuity (ITSC) requirements, including the tests that need to be performed across all the systems in scope

Governance:

- Conduct regular account-level governance meetings with the leadership and discuss the status of risks, issues, compliance, BCP, DR / ITSC status.
- Ensure regular reports are shared as agreed with the leadership and client, e.g. weekly reports for vulnerability remediation progress, monthly report on identity governance, monthly SLAs, weekly KPIs, etc.

4.1 Vulnerability Management

- Lead the vulnerability management team, who are dedicated to governing the remediation progress for all platforms and applications across the client's entire IT ecosystem.
- Establish, implement and run the vulnerability remediation governance process
- Work closely with client stakeholders to ensure the vulnerability remediation is effective and is meeting various metrics in accordance with the requirements such as Essential 8, client, standards, etc.
- Establish, implement and run the threat-intel based vulnerability remediation process
- Work closely with the client's CSOC / threat intel team to identify any critical or zero-day vulnerabilities or threats that need urgent remediation. Further work with the application teams to remediate them
- Ensure regular reporting on the vulnerability status is submitted as per the timeline agreed with the client, i.e. weekly report to all leadership and all support groups, monthly SLA, KPIs, Monthly Performance Reports (MPRs) for CIO score card, etc.

4.2 Identity Governance

- Lead the identity governance team, who are dedicated to governing the user access reviews and certification process for all applications across the client's entire IT ecosystem.
- Establish, implement and run various identity governance processes such as standard and privileged access reviews, third-party access reviews, access profile reviews, role composition reviews, etc.
- CRITICAL: Work closely with the identity governance team to ensure all the pre-checks are completed and the campaigns are launched and are run end-to-end as per schedule. Also, ensure any issues hampering the campaigns are resolved so that people leaders are able to complete their reviews on time
- Work closely with the Application owners, IdentityNow team and the Identity Governance Lead to ensure all the identities, accounts, profiles, etc. are recorded accurately and are certifiable
- Ensure regular reporting on the identity governance status is submitted as per the timeline agreed with the client, i.e. weekly report on campaign status, monthly summary report, monthly SLA data, etc.

Other ITRO responsibilities:

- Develop and facilitate an effective security training program, including appropriate introductory training for new employees as well as ongoing training for all employees and managers
- Align with the Strategy and Risk (S&R) practice and support practice-led initiatives

Certifications (preferred)

- ISO 27001 Lead Auditor
- Certified Information Security Manager (CISM)
- Certified Information Systems Auditor (CISA)

Seniority level : Mid-Senior level

Employment type : Full-time

Job function : Other

Industries : IT Services and IT Consulting